Description
Joomla! 3.4.4 through 3.6.3 allows attackers to reset username, password, and user group assignments and possibly perform other user account modifications via unspecified vectors.
Remediation
References
Related Vulnerabilities
Joomla! Core 1.0.x SQL Injection (1.0.0 - 1.0.11)
Jboss EAP Deserialization of Untrusted Data Vulnerability (CVE-2019-16942)
Moodle Authorization Bypass Through User-Controlled Key Vulnerability (CVE-2023-28334)
WordPress Plugin Duplicate Page Multiple Vulnerabilities (2.3)
IBM WebSEAL Improper Restriction of XML External Entity Reference Vulnerability (CVE-2019-4707)